secio, spipe replacement #442
This commit introduces secio, the next generation spipe.
sadly, encrypting needs to copy, as the user supplied buffer must not be mangled.
go install github.com/jbenet/go-ipfs/cmd/seccat
seccat -l :1234
# in another terminal
seccat :1234

and, to see the encryption magic:

# listen with debug on
seccat -debug -v -l :1234
# connect with debug on
seccat -debug -v :1234
Are there areas in particular where you wish to focus the reader's eye?
warning: not interoperable, as the encryption protocol changed. Will need rebooting machines, etc.
The |
Since you've got this part of the system paged in, are there any important events or metadata (eg. in the handshake or connection initiation) that we should log using json event logger?
@@ -0,0 +1 @@ | |||
package secio |
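Review bot: The added file is the single line `package secio`, with no package doc comment and no declarations. Either drop it from the change or make it the package's doc file by adding a comment above the package clause that says what secio provides, so an empty placeholder is not what gets merged.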
rm? placeholder?
probably just:
things in between should be for debugging but don't actually give us good info atm. (maybe the cipher choice, but meh)
||
// BufPool is a ByteSlicePool for messages. we need buffers because (sadly) | ||
// we cannot encrypt in place-- the user needs their buffer back. | ||
var BufPool = mpool.ByteSlicePool |
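Review bot: `BufPool` on the `var BufPool = mpool.ByteSlicePool` line is an exported, mutable package-level variable, so any importing package can reassign it, including while connections are drawing buffers from it. If swapping the pool is meant to be supported, the comment should say so and say when reassignment is safe; otherwise unexport it or pass the pool in when a session is constructed. Since these buffers carry message data and are reused, the comment should also state whether a buffer is cleared before it goes back into the pool.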
exposed intentionally?
yeah, so you could swap it out if desired. it's not a great way to do it shrug
k
LGTM
We need a good way to merge in protocol breaking changes like this one. auto-update soon, but we also need to update nodes. any ideas?
I guess I'll just merge. I'd love to have a single command that updates all the live nodes (solarnet, mars included)
…census.io-0.22.3 build(deps): bump go.opencensus.io from 0.22.2 to 0.22.3
This PR introduces secio, the replacement to spipe.
(1) changed the third message to be the random nonce sent by
the remote party.
(2) determine order based on identities AND the random nonces,
which makes it very unlikely to fail.
and more
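The ordering rule from point (2) of the commit message above, sketched as an added example; it is not code from this PR or from the project. The construction (SHA-256 over one side's key and the other side's nonce, then a byte comparison) and the names `hello`, `mix`, `decideOrder` and `newNonce` are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// hello is a hypothetical stand-in for what each side contributes: its
// identity (public key bytes) and a fresh random nonce.
type hello struct{ PubKey, Nonce []byte }

var errTie = errors.New("cannot order peers: identity and nonce match on both sides")

// mix hashes one side's identity together with the other side's nonce.
func mix(pub, nonce []byte) []byte {
	h := sha256.New()
	h.Write(pub)
	h.Write(nonce)
	return h.Sum(nil)
}

// decideOrder returns +1 or -1. The two peers always get opposite signs,
// because each one's first hash is the other one's second hash.
func decideOrder(local, remote hello) (int, error) {
	c := bytes.Compare(mix(remote.PubKey, local.Nonce), mix(local.PubKey, remote.Nonce))
	if c == 0 {
		return 0, errTie // only when key AND nonce coincide (or a hash collision)
	}
	return c, nil
}

// newNonce draws a 16-byte nonce from the OS CSPRNG.
func newNonce() []byte {
	n := make([]byte, 16)
	if _, err := rand.Read(n); err != nil {
		panic(err)
	}
	return n
}

func main() {
	// Constructed sample: the same identity on both ends (a node dialing
	// itself), which an identity-only comparison could never order.
	key := []byte("constructed-public-key")
	a, b := hello{key, newNonce()}, hello{key, newNonce()}
	oa, _ := decideOrder(a, b)
	ob, _ := decideOrder(b, a)
	fmt.Println("local view:", oa, "remote view:", ob)
}
```

The handshake should abort on `errTie` rather than pick a default order, since both ends would pick the same one.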